﻿<?php
	include '../inc/conn.php';

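	// User-administration request handler: reads the action parameters from the
	// request and applies the requested change to the `users` table.
	//
	// Security notes:
	//  - Only the parameters this page uses are copied out of the request.
	//    extract() on $_POST/$_GET lets a client create or overwrite any variable
	//    in scope, including ones set by included files.
	//    NOTE(review): if another script relied on extra variables being
	//    extracted here, add them to $request_params explicitly.
	//  - Every action is gated on the same session flag the template below uses
	//    to show the admin panel; previously the actions ran before any check.
	//  - NOTE(review): del/dis/en/setadmin/setnormal are reachable through plain
	//    GET links and carry no anti-CSRF token; they should move to POST with a
	//    per-session token.
	$request_params = array('act', 'id', 'username', 'password', 'chnname', 'department');
	foreach ($request_params as $param_name) {
		// Same precedence as before: a GET value wins over a POST value. A
		// variable the request does not supply is left as the including script
		// set it (or unset).
		if (isset($_GET[$param_name])) {
			$$param_name = $_GET[$param_name];
		} elseif (isset($_POST[$param_name])) {
			$$param_name = $_POST[$param_name];
		}
	}
	unset($_POST,$_GET);

	// Array-valued parameters (e.g. username[]=x) are dropped so the string
	// functions below only ever see strings.
	foreach (array('username', 'password', 'chnname', 'department') as $param_name) {
		if (isset($$param_name) && !is_string($$param_name)) {
			unset($$param_name);
		}
	}
	unset($request_params, $param_name);

	$act = (isset($act) && is_string($act)) ? $act : '';
	$chnname = isset($chnname) ? $chnname : '';
	$department = isset($department) ? $department : '';

	// $id is concatenated into SQL conditions and into the redirect script, so
	// it must be a plain non-negative integer. Anything else is discarded, which
	// makes every action that needs an id a no-op.
	if (isset($id) && is_scalar($id) && ctype_digit((string)$id)) {
		$id = (int)$id;
	} else {
		unset($id);
	}

	// Same flag the template checks before rendering the admin panel.
	$is_admin_session = isset($_SESSION['user']) && $_SESSION['user'] == 1;

	if ($is_admin_session) {
		// htmlentities() is HTML encoding, not SQL escaping: it leaves "\" alone,
		// so a value ending in a backslash would swallow the closing quote of its
		// SQL literal. addslashes() closes that gap as a stopgap.
		// NOTE(review): replace with bound parameters or driver-level escaping
		// once the mysql wrapper exposes one; addslashes() is not charset-aware.
		$sql_username   = isset($username) ? addslashes(htmlentities($username, ENT_QUOTES)) : '';
		$sql_chnname    = addslashes(htmlentities($chnname, ENT_QUOTES));
		$sql_department = addslashes(htmlentities($department, ENT_QUOTES));
		// NOTE(review): md5() is unsalted and fast. It is kept only because the
		// login check that compares this value is not in this file; migrate both
		// sides to password_hash()/password_verify().
		$sql_password   = isset($password) ? md5($password) : '';

		if ($act == "del" && isset($id)){
			$db = new mysql();
			$db->delete('users', "id=".$id);
			$db->close();
			echo "<script>alert('User Data has deleted!!!');window.location='admin_index.php?name=users';</script>";
		}

		if ($act == "add" && isset($username) && isset($password)){
			$db = new mysql();
			$sql = "INSERT INTO `users` (`name`, `chn_name`,`password`, `department`) values('"
				.$sql_username."', '".$sql_chnname."', '".$sql_password."', '".$sql_department."')";
			$db->query($sql);
			$db->close();
			echo "<script>alert('User has added!!');window.location='admin_index.php?name=users';</script>";
		}

		if ($act == "update" && isset($username) && isset($password) && isset($id)){
			$db = new mysql();
			$mod_content = "Name='".$sql_username."', Password='".$sql_password."', "
				."Department='".$sql_department."', chn_name='".$sql_chnname."'";
			$db->update("users", $mod_content, "id=".$id);
			echo "<script>alert('User Data changed!');window.location='admin_index.php?name=users&id=".$id."'</script>";
			$db->close();
		}

		// Single-column changes: action => (SET clause, confirmation text).
		// As in the original, setadmin writes level=0 and setnormal level=1.
		$flag_actions = array(
			'dis'       => array("enable=0", 'User disable OK!'),
			'en'        => array("enable=1", 'User enable OK!'),
			'setadmin'  => array("level=0", 'Set admin OK!'),
			'setnormal' => array("level=1", 'Set normal OK!'),
		);
		if (isset($id) && isset($flag_actions[$act])){
			$db = new mysql();
			$db->update("users", $flag_actions[$act][0], "id=".$id);
			// $id is an integer here, so it is safe inside the script string.
			echo "<script>alert('".$flag_actions[$act][1]."');window.location='admin_index.php?name=users&id=".$id."'</script>";
			$db->close();
		}
		unset($flag_actions);
	}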
	
?>

<div class="container-fluid">
<? if ($_SESSION['user'] != 1){  ?>
<div class="panel panel-primary">
    <div class="panel-heading">
        <h3 class="panel-title">管理员登陆</h3>
    </div>
    <div class="panel-body">
		<div class="well"> 
			<div style="form-group">
				<form class="form-inline" method="post">
					密码：<input type="password"  placeholder="Password" class="form-control" name="passwd"><button type="submit" class="btn btn-info">登录</button>
				</form>
			</div>
		</div>
	</div>
</div>
<? 
	} 
	else 
	{
?>
	<div class="panel panel-primary">
		<div class="panel-heading">
			<h3 class="panel-title">管理面板>>用户管理</h3>
		</div>
		<div class="panel-body">
		<div>
		<? 
			if ($act != "mod") {
		?>
			<div class="page-header alert text-warning">
				<div class="well"> 
					<div style="form-group">
						<form action="admin_users.php?act=add" method="post" class="form-inline">
							用名：<input type="text" class="form-control" name="username">
							中文名：<input type="text" class="form-control" name="chnname">
							密码：<input type="password"  placeholder="Password" class="form-control" name="password">
							部门：<select name="department" id="department" class="span1 form-control">
								<option value="TE">TE</option>
								<option value="EE">EE</option>
								<option value="IE">IE</option>
								<option value="ME">ME</option>
								<option value="PE">PE</option>
								<option value="RT">RT</option>
								</select>
							<button type="submit" class="btn btn-primary">添加</button>
						</form>
					</div>
				</div>
			</div>
		<?
		} else { 
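			// Load the user being edited (act=mod).
			// $id comes from the request and is concatenated into the query, so
			// only a plain non-negative integer is accepted; anything else is
			// treated the same as an unknown user.
			if (!isset($id) || !is_scalar($id) || !ctype_digit((string)$id))
				die("No data was found!");
			$db = new mysql();
			$sql = "select * from users where id=".(int)$id;
			$db->query($sql);
			$num = $db->db_num_rows();
			if ($num == 0)
				die("No data was found!");
			// NOTE(review): the form below echoes $row fields into attribute values
			// without output escaping; that is only safe while every writer stores
			// entity-encoded values in these columns.
			$row = $db->fetch_assoc();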
		?>
			<div class="page-header alert text-warning">
				<div class="well"> 
					<div style="form-group">
						<form action="admin_users.php?act=update&id=<? echo $row['ID']; ?>" method="post" class="form-inline">
							用名：<input type="text" class="form-control" name="username" readonly="readonly" value="<? echo $row['Name']; ?>">
							中文名：<input type="text" class="form-control" name="chnname" value="<? echo $row['chn_name']; ?>">
							密码：<input type="password"  placeholder="Password" class="form-control" name="password">
							部门：<select name="department" id="department">
									<option value="TE" <? if ($row['Department'] == "TE") echo 'selected="selected"'; ?>>TE</option>
									<option value="EE" <? if ($row['Department'] == "EE") echo 'selected="selected"'; ?>>EE</option>
									<option value="IE" <? if ($row['Department'] == "IE") echo 'selected="selected"'; ?>>IE</option>
									<option value="ME" <? if ($row['Department'] == "ME") echo 'selected="selected"'; ?>>ME</option>
									<option value="PE" <? if ($row['Department'] == "PE") echo 'selected="selected"'; ?>>PE</option>
									<option value="RT" <? if ($row['Department'] == "RT") echo 'selected="selected"'; ?>>RT</option>
								</select>
							<button type="submit" class="btn btn-info">修改</button>
						</form>
					</div>
				</div>
			</div>
		<? 
				$db->close();
			} 
		?>	
			<div>
				<table border=0 cellpadding=0 class="table table-striped">
				<tr class="success"><th>Item</th><th>用户名</th><th>中文名</th><th>密码</th><th>部门</th><th>操作</th></tr>
				<?
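					// Render one table row per user, with the edit / delete /
					// enable / level links for that user.
					//
					// The columns are written by this page through htmlentities(), so
					// the old htmlspecialchars_decode() call undid that encoding and
					// put raw markup from the database into the page (stored XSS).
					// Values are now escaped for HTML with double_encode disabled, so
					// already-encoded entities are shown as before and any raw markup
					// is neutralised.
					// NOTE(review): assumes the page and the stored text are UTF-8;
					// htmlspecialchars() returns an empty string for invalid UTF-8.
					$db = new mysql();
					$db->query("select * from users");
					$num = $db->db_num_rows();
					for($i=0; $i<$num; $i++){
						$row = $db->fetch_assoc();
						$item = $i + 1;
						// ID is used unquoted in "id=" SQL conditions elsewhere in this
						// file, so it is treated as an integer in the link targets.
						$row_id = (int)$row['ID'];
						$cell_name       = htmlspecialchars((string)$row['Name'], ENT_QUOTES, 'UTF-8', false);
						$cell_chn_name   = htmlspecialchars((string)$row['chn_name'], ENT_QUOTES, 'UTF-8', false);
						// NOTE(review): this column shows the stored password hash to
						// anyone who can view the page; consider removing it together
						// with its table header.
						$cell_password   = htmlspecialchars((string)$row['Password'], ENT_QUOTES, 'UTF-8', false);
						$cell_department = htmlspecialchars((string)$row['Department'], ENT_QUOTES, 'UTF-8', false);

						echo "			<tr>";
						echo "<td>$item</td>";
						echo "<td>".$cell_name." </td>";
						echo "<td>".$cell_chn_name." </td>";
						echo "<td>".$cell_password."</td>";
						echo "<td>".$cell_department."</td>";
						// NOTE(review): the delete / enable / level links below change
						// data through plain GET requests with no anti-CSRF token.
						echo "<td><a href=\"admin_index.php?name=users&act=mod&id=".$row_id."\" rel='tooltip' title='修改用户信息'>[改]</a>&nbsp;|&nbsp;<a href=\"admin_users.php?id=".$row_id."&act=del\" rel='tooltip' title='删除表内容，当心哦~~~'><font color='red'>删</font></a>";
						if ($row['enable']==1)
							echo " | <a href=\"admin_users.php?act=dis&id=".$row_id."\" rel='tooltip' title='禁用'>[禁]</a>";
						else
							echo " | <a href=\"admin_users.php?act=en&id=".$row_id."\" rel='tooltip' title='启用'>[启]</a>";

						if ($row['level']==1)
							echo " | <a href=\"admin_users.php?act=setadmin&id=".$row_id."\" rel='tooltip' title='设置为管理员'>[管]</a></td>";
						else
							echo " | <a href=\"admin_users.php?act=setnormal&id=".$row_id."\" rel='tooltip' title='设置为普通'>[普]</a></td>";

						echo "</tr>\n";
					}
					$db->close();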
				?>
				</table>
			</div>
		</div>
	</div>
	</div>
<? 
	}
?>
</div>
